""ShinyHunters has no shortage of options for potential follow-up campaigns. They can target instructors with convincingly branded messages, pivot into downstream tools, and even impersonate trusted contacts to push payment redirection or harvest credentials.""
""For students and families, the fallout can range from identity fraud attempts to harassment and doxxing, plus the quieter, longer-term damage of having educational affiliation and contact details circulating in criminal markets.""
McGraw-Hill confirmed unauthorized access to a limited set of internal data due to a Salesforce misconfiguration. An extortion threat from ShinyHunters raised concerns about the incident's scale. The group claimed to have obtained up to 45 million Salesforce records, including personally identifiable information. However, McGraw-Hill disputes this, stating that only limited, non-sensitive data was exposed. The incident did not involve unauthorized access to its Salesforce accounts or internal systems, indicating a potential issue at the application or configuration layer within Salesforce.
Read at TechRepublic
Unable to calculate read time
Collection
[
|
...
]